I'm currently looking into Sharepoint as a potential replacement for our company's bespoke, aging in-house built Intranet solution as it fills a lot of our requirements that have evolved over the years.

However, within our current intranet we have a WCF service that detects a user (we're a retail business, so in this case it would detect whether or not our user is at Head Office on the LAN or a Store on our WAN by IP as well as if the user is in a store, we detect which store it is without anybody having to login at any point) as we have two brands within our group and would be looking to replicate this functionality within Sharepoint.

The caveat is that some content is brand, area, region or store specific - not necessarily whole pages but sections of content on pages also. Is this something we could bring into Sharepoint in some way? If so, what would be the best way to do this?

3 Answers
3

You say your users never even log in? If you want to target content to users I dont see an easy way around using either the AD or user profiles to target content.

There also could be license issues with using the product this way (eg. intranet or internet CAL) as you really cant see how many users is using the system...

I would solve this by populating fields in the user profile or by membership in Active Directory (eg. user is member of "InternalUsers" security group in AD, so we know he is local). SharePoint has a feature called audience targeting where you can target links, web parts and list items (or custom code) for specific users. It is not a security feature, more like a "push" feature.

If you need the external users not to see local content you can control this with permissions, again based on security groups in AD.

Yet a third method, that requires custom code, but has other advantages as it goes across all sites and web applications, is to use a custom search web part to target content. You can then emulate target auditing by making your search queries dynamic depending on user by looking in the user profile of the current user.

If this doesnt fit your needs, please write more in Q so we have more to work with :)

We specifically don't want our stores to have AD accounts, which is how we've done things so far. We only plan on using Sharepoint as a replacement for our current intranet/extranet site, but really need to be able to replicate this current functionality without adding stores to AD. As for licensing, it is my understanding that you can use Sharepoint for Internet Sites in conjunction with the CALs required for internal users because the way our network is set up makes our stores external users.
–
LiamGuOct 2 '12 at 10:12

I wonder if you could achieve what you want with a custom membership provider that could impersonate a user based on location. Somehow you could impersonate a user based on where the user was coming in from in the provider. Once you were impersonating that user (Head Office User, Store One User etc.), you could use any of the suggestions above to customize content.
–
sween_spOct 4 '12 at 17:12

You could expose a SharePoint Intranet securely to the stores through a Microsoft Threat Management Gateway 2010 (TMG 2010). They can then simply login through a Web form similar to Outlook Web access. Their desktops will with this setup not need to be hooked up to the AD. But your SharePoint servers will need to be hooked up to the AD in any case. You could with this setup simply create a shared login for each store and identify them that way around. They can then just type username and password in the login form. The login timeout can be configured on the TMG.

I hear you saying "no login" - but I cannot recommend going down this path with SharePoint for an Intranet. Trying to bend SharePoint too much will only get you in trouble with respect to maintenance and upgrades.

Theoretically, would I be able to do something akin to Single Sign On with the store users being essentially external users as they won't have an AD account? I have a Sharepoint Foundation installation working with our TFS install which uses single sign on so the only login I ever have to do is into my desktop machine, but that is tied to AD.
–
LiamGuOct 2 '12 at 13:27

No, desktops must be joined to the AD for single sign-on with the Windows login to work!
–
Lars FastrupOct 2 '12 at 19:09

Have you considered setting up a VPN connection from the stores to your internal network? You can then join their desktops to the AD and single sign-on will work. The TMG can also deliver VPN connectivity.
–
Lars FastrupOct 2 '12 at 19:23

Unfortunately, that isn't an option for us because of how we have everything setup already. We're not a small retail business either and the amount of time that would need to be spent to change our current setup would not justify the pay off of using Sharepoint in this manner.
–
LiamGuOct 3 '12 at 9:44

Anders did say this, but I will add on to this. Audience targeting is a good option to go for.

Group the users in Head office to one and users from various store to various groups.
In that way, pages and content could be targeted to groups. I do not see any option to trace IP from users and target content based upon this.